• Resolved shirtguy72

    (@shirtguy72)


    Does BBQ prevent XXS vulnerability? If no, would you recommend adding the following into my .htaccess file?

    # Extra Security Headers
    <IfModule mod_headers.c>
    Header set X-XSS-Protection “1; mode=block”
    Header always append X-Frame-Options SAMEORIGIN
    Header set X-Content-Type-Options nosniff
    </IfModule>

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Jeff Starr

    (@specialk)

    BBQ blocks a LOT of different XSS threats, but nothing is 100% perfect. It’s all about layers of protection to harden WordPress. The extra security headers you mention likewise will not protect against all XSS, but they do add another layer of protection. So if you are able to add them, doing so should help to further protect your site.

    Thanks for your time Jeff, much appreciated!

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.